﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;

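public partial class public_page_Default : System.Web.UI.Page
{
    /// <summary>Query-string key that carries the cost organization id this page works on.</summary>
    private const string OrgIdKey = "orgId";

    /// <summary>Page the request is sent to when no valid organization is available.</summary>
    private const string FallbackPage = "allBill.aspx";

    /// <summary>
    /// Reads the <c>orgId</c> query-string parameter as an integer.
    /// </summary>
    /// <param name="orgId">The parsed id, or 0 when the parameter is absent or not an integer.</param>
    /// <returns><c>true</c> when the parameter parsed successfully.</returns>
    private bool TryGetOrganizationId(out int orgId)
    {
        return int.TryParse(Convert.ToString(Request.QueryString[OrgIdKey]), out orgId);
    }

    /// <summary>
    /// Loads the organization row for <paramref name="orgId"/>.
    /// </summary>
    /// <param name="orgId">Organization id; must already be a parsed integer.</param>
    /// <returns>The row, or <c>null</c> when no organization has that id.</returns>
    private static DataRow GetOrganizationRow(int orgId)
    {
        // orgId is an int produced by int.TryParse, so embedding it cannot inject SQL
        // syntax. Only the three columns this page reads are selected.
        return DataBaseOperate_SQLServer.GetDataRow(
            "select cost_id,cost_organization_name,search_type1 from t_cost_organization where cost_organization_id="
            + Convert.ToString(orgId));
    }

    /// <summary>
    /// Enforces login on every request and, on the first (non-postback) request,
    /// fills the labels from the posted hidden fields and the selected organization.
    /// Redirects to <see cref="FallbackPage"/> when the organization id is missing,
    /// non-numeric or unknown.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        // Runs on postbacks too, so btn_success_Click is only reached by a logged-in user.
        SysCommon.checkUserLogin();

        if (IsPostBack)
        {
            return;
        }

        // Controls inside the master page's content placeholder carry this prefix
        // in their posted form names.
        const string controlIdPrefix = "ctl00$CPH_Right$";

        // This is not a postback of this page, so the hidden fields are read straight
        // from the posted form (presumably posted by the page that links here — confirm).
        lbl_search_str.Text = Convert.ToString(Request.Form[controlIdPrefix + "hid_search_str"]);
        lbl_remark.Text = Convert.ToString(Request.Form[controlIdPrefix + "hid_remark"]);

        int orgId;
        DataRow dr = TryGetOrganizationId(out orgId) ? GetOrganizationRow(orgId) : null;
        if (dr == null)
        {
            // Nothing to show without a valid organization.
            Response.Redirect(FallbackPage);
            return;
        }

        lbl_cost_organization_name.Text = Convert.ToString(dr["cost_organization_name"]);
        lbl_search_type1.Text = Convert.ToString(dr["search_type1"]);
    }

    /// <summary>
    /// Saves a new row in <c>t_user_bill</c> for the current user and the selected
    /// organization, then transfers to <c>list_Bill.aspx</c>.
    /// Redirects to <see cref="FallbackPage"/> instead of inserting when the
    /// organization id is missing, non-numeric or unknown.
    /// </summary>
    protected void btn_success_Click(object sender, EventArgs e)
    {
        int orgId;
        DataRow dr = TryGetOrganizationId(out orgId) ? GetOrganizationRow(orgId) : null;
        if (dr == null)
        {
            // Without a valid organization the bill would be stored with
            // cost_id / cost_organization_id = 0; bail out the same way Page_Load does.
            Response.Redirect(FallbackPage);
            return;
        }
        int cost_id = Convert.ToInt32(dr["cost_id"]);

        // The lbl_* values come back through ViewState on this postback
        // (NOTE(review): relies on ViewState MAC being enabled for this page — confirm).
        // String columns are escaped with SysCommon.ProcessSqlStr before being embedded;
        // the numeric columns are ints. NOTE(review): if DataBaseOperate_SQLServer offers
        // a parameterized overload, prefer it over string building — confirm.
        System.Text.StringBuilder sbstr = new System.Text.StringBuilder(200);
        sbstr.Append("insert into t_user_bill(user_id,user_group_id,cost_id,cost_organization_id,search_type1,search_type2,search_str1,search_str2,remark,bill_type) values(");
        sbstr.Append(SysCommon.getUser_id());                           // user_id
        sbstr.Append(",0,");                                            // user_group_id
        sbstr.Append(cost_id);                                          // cost_id
        sbstr.Append(",");
        sbstr.Append(orgId);                                            // cost_organization_id
        sbstr.Append(",'");
        sbstr.Append(SysCommon.ProcessSqlStr(lbl_search_type1.Text));  // search_type1
        sbstr.Append("','','");                                         // search_type2 (empty)
        sbstr.Append(SysCommon.ProcessSqlStr(lbl_search_str.Text));    // search_str1
        sbstr.Append("','','");                                         // search_str2 (empty)
        sbstr.Append(SysCommon.ProcessSqlStr(lbl_remark.Text));        // remark
        sbstr.Append("',0)");                                           // bill_type

        DataBaseOperate_SQLServer.ExecUpdate(sbstr.ToString());

        Server.Transfer("list_Bill.aspx");
    }
}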
